A new SMS-based phishing ("smishing") campaign is using the United States Postal Service (USPS) as a disguise to target mobile users. On September 15, SlickRockWeb CEO Eric JN Eliason tweeted out two examples of the operation. Both attack SMS messages claimed to contain important information about a USPS package. Using that lure, they attempted to...

Security culture matters to executives, but these individuals are struggling to implement it. In a November 2019 study commissioned by KnowBe4, 94% of individuals with managerial duties or higher in security or risk management said that security culture was important for their organization’s success. Even so, Security Magazine shared that 92% of...

The Office of Management at the U.S. Department of Veterans Affairs (VA) disclosed a security incident involving the personal data of 46,000 veterans. The VA detailed the data breach in a statement published on its website on September 14. According to this press release, the VA's Financial Services...

A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations. Those include the...

The 2020 Cost of Data Breach report from IBM and the Ponemon is out. It provides a detailed analysis of causes, costs and controls that appeared in their sampling of data breaches. The report is full of data, and the website allows you to interact with its information so that you can do your own analysis and/or dig into aspects relevant to you and...

A National Health Service (NHS) Trust revealed that it had mistakenly uploaded the personal information of over 18,000 people who had previously tested positive for coronavirus 2019 (COVID-19). On September 14, Public Health Wales announced in a web statement that the data breach had occurred back on...

Security configuration management (SCM) can help organizations do much more than just harden their attack surfaces against intrusions. This fundamental control also has the ability to make your audits flow more smoothly. Indeed, it allows organizations to pull reports from any point in time and demonstrate how their configuration changes and...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned election-related entities to be on the lookout for phishing attacks. In an insight piece published on September 10, CISA highlighted malicious actors' preference for phishing attacks in their efforts to target political parties,...

A phishing attack used real-time validation against an organization's Active Directory in order to steal users' Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world's Top 50 most innovative companies for 2019 on a Friday evening. The email used spoofing...

European cryptocurrency exchange platform Eterbase has announced that it has suffered a security breach which saw malicious hackers access its network and steal funds worth US $5.4 million. In a message posted on Telegram, the Slovakian cryptocurrency exchange listed the six hot wallets plundered by cybercriminals for their Ether, Tezos, Bitcoin,...

The U.S. Department of Defense released the first version of the Cybersecurity Maturity Model Certification (CMMC) back on January 31, 2020. Since that time, there has been a flurry of different industry experts working towards helping clients understand and prepare for getting certified under CMMC. But what is it? The Cybersecurity Maturity Model...

Welcome to the second part of this two-part blog series for administrators who are new to the Chromebook enterprise system. In the previous blog, we discussed settings that are applicable to users and applications. In this blog, we will further explore the Chrome enterprise admin panel as we look into settings that pertain to privacy and physical...

An electric supply company based in Karachi, Pakistan suffered a Netwalker ransomware infection that disrupted its billing and online services. Bleeping Computer learned of the attack through Ransom Leaks, a ransomware researcher who received word from a local Pakistani company that the attack was affecting K-Electric's internal services. According...

Running the IoT Hack Lab at SecTor has been a highlight of my year since 2015. Although we won’t be back this year to fill our corner of the MTCC, I’m happy to be teaching A Beginner’s Guide to Reversing with Ghidra as part of the SecTor 2020 virtual conference October 19-20. Ghidra is an advanced software reverse engineering suite developed by NSA...

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in this month’s security guidance. CVE Breakdown by Tag While...

The DoppelPaymer ransomware gang claimed responsibility for a digital security incident that affected Newcastle University's network and systems. In a news release published on its website, Newcastle University revealed that it had begun experiencing issues with several of its IT systems on August 30. Those issues rendered all services inoperable...

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE). The CWE Top 25 is a community-developed list of the...

Tripwire’s Brent Holder and Stephen Wood discuss recent study findings that provide a snapshot of what organizations are doing (and not doing) to secure their cloud. https://open.spotify.com/episode/300LIn353riZWEtqtgrgJZ?si=XQPdinEsRZiKqjZiJdLgCw ...

Security researchers observed that malicious actors had incorporated a targeted company's homepage into a message quarantine phishing campaign. The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company's IT department. The email...

Security researchers at Slovak security firm ESET have discovered a new family of malware that they say has been using a variety of techniques to steal cryptocurrency from unsuspecting users since at least December 2018. The malware, which has been named KryptoCibule, uses a variety of legitimate technology - including Tor and the Transmission...